Theo de Raadt has announced the release of OpenBSD 5.2. The OpenBSD 5.2 release page has a detailed list of all changes and improvements. As always, I would love for someone to write proper items about OpenBSD releases – it’s outside my interests and cursory glances don’t do it justice.
What do you mean about write proper items about releases? I always install every release of OpenBSD on multiple machines, so what is it you’re looking for?
I never touch any kind of Linux, I use OpenBSD because of the way the source code reads so I find it more simple to work with and run. What is it you would like to know about the releases? Do you want a short write up or a summary about each one?
For this very secure operating system, it is disappointing that it does not even offer disk encryption in the installer.
Full-disk encryption is probably not even possible.
http://unix.stackexchange.com/questions/9527/how-should-one-set-up-…
It isn’t in the installer you have to do the disk encryption before you start the installer. Here is a link to how I installed OpenBSD with full disk encryption.
http://geekyschmidt.com/2011/01/19/configuring-openbsd-softraid-fo-…
Not to long ago this source change showed up: http://marc.info/?l=openbsd-cvs&m=135135263905569&w=2
As I read this commit booting from softraids should now be possible in -current. Therefore if I understand this correctly Full-disk encryption is now possible (though not in the just released 5.2).
Yes, I have use this method to install OpenBSD 5.1 on my Laptop. You should not need to use -current, just to get full disk encryption.
Edited 2012-11-04 00:28 UTC
Did not know that. But from rereading the commit exactly it makes sense. It says though that it is now enabled by default which was not the case before. (“For boot(8) all softraid boot support is now enabled by default, including support for booting from crypto volumes.”)
Yay!! … oh wait, I’m already following current.
…at least we got a short write-up and release announcement.
Probably the last one before Thom converts this place to his own “Patents & K-Pop Central”
Edited 2012-11-03 10:42 UTC
Now, that’s an OS! granted, it doesn’t have many bells and whistles that other OS’s have, but it’s still one of the cleanest, simplest, coherent and logically organized OS I have ever seen, and I’ve seen many OS’s.
This release brings one thing we all awaited: true [multi]threading thrown into kernel space. It makes possible to use multi-core and multi-cpu HW without any problems. Performance boost + very good security – now, beat that, “OtherOS”
I’m using OpenBSD myself for quite some time now [several years] and it never let me down.
@evert – it doesn’t mean it’s not possible. Full disk encryption is usually made using external tools anyway. OpenBSD has vnconfig -k capabilities with built-in Blowfish support [I don’t trust AES and other stuff]. It is usually more than enough to encrypt your /home [vnconfig -k /dev/vnd0c /path/home.raw] or other mount points [it would need a little hacking, though. You’d have to add few lines of code into the /etc/rc to execute your vnconfig -k /usr, /var, etc early in the boot process]. It’s all about knowing HOW to do it, not about “It cannot be done”.
And one more thing – OpenBSD configures WiFi from within the installer flawlessly, which cannot be said in other OS’s case, really. It also has many tools integrated in order to simplify their usage. No “wpasupplicant” crap. It’s all in ifconfig …
??… You don’t trust one of most thoroughly cryptoanalysed cipher, don’t trust in its many cryptoanalyses done by best cryptologists?
There are some people who are automatically suspicious of anything approved by some authority. In the case of encryption, it’s the fear that there’s a back door in the design that would allow the authorities to break it easily.
Bingo. If it’s designed by government to encrypt, then it’s also designed by government to decrypt. Think about it: which government would allow to design cipher that is not breakable by themselves? that would be totally illogical. They want security, but they want to hold the master key … that’s easier than remote installation of government sponsored spyware [used in many operations], etc. You don’t have to ask for the keys to encrypt. You can do it yourself.
You are a wo/man of big faith, zima.
P.S oh, and why do you think they did hardware acceleration for AES? it’s not a surprise. They want wide adoption.
Edited 2012-11-04 11:04 UTC
But the AES isn’t designed by the government. It was chosen from independent competing teams. Specific IMPLEMENTATIONS of AES could definitely have backdoors and I think it would be stupid to assume none of them did, but the design itself is quite hard to have a backdoor put in.
That’s why in my initial comment, I only touched on design implying the fear about the design of AES is a bit paranoid. Everyone could review the design, and if no such agency were able to inject a backdoor into the design, you can bet the Russians, Chinese and Indians have the mathematical expertise (or can pay for it if they didn’t) to figure it out.
Backdoors are a three way street and, whatever you think about the US congress and senate and the CIA and FBI, no such agency does not seem to have the same incompetence.
For a luddite like me, if it’s good enough for Bruce Schneier, it’s good enough for me.
That’s bordering on paranoia (hm, and you just accepted the post of kwan_e kinda pointing this position as such) …part of which often is: seeing simple facts not quite the way they are (“the government” didn’t design AES)
Apart from what kwan_e says – if you think the govs world over (many ~competing ones) could conceivably pull off SUCH stunt, of silencing ALL pro cryptologists …then how do you know that Blowfish isn’t similarly compromised? (even better: “let’s release this much weaker Blowfish cipher for those who really want to hide secrets from us!”)
Hell, why do you trust the microcode in your CPUs? (that would be probably much easier to pull off, with only two US-based major x86 vendors)
What govs really use if they want your secrets, apart from planting of trojans, are good old interpersonal skills or – if they really want your secrets – rubber hose cryptoanalysis.
And the AES got accelerated in more recent CPUs because IT WAS ALREADY WIDELY ADOPTED
What’s funny-sad, those seem to be quite often the same people who shout the loudest that… the government can’t do anything right.
It’s the only O.S. that i know that improper documentation of an utility/command is considered a bug. And i love that.
No wasting time trying parameters that were removed (or changed). Or lost in the translation.
I don’t know if anyone here try to read the IPTables documentation, or worst, anyone read the help of the Spanish Windows version. The help is well written, but some morons translate the parameters in the command. The help will talk about “/read” parameter but the command refuse it because you have to put “/leer” (read in Spanish). It will lead you to create a batch file that only work on ONE specific version of Windows.
:O really?
That is a severe design issue!!! Similar to the translated commands in Excel. That madness does not make any sense!
I cannot imagine a program written in a Spanish-translated C. It would be something like:
#incluir <esest.e> //stdio.h [translated to Spanish] -> .e from ‘encabezado’
ent principal() //int = integer; ent = entero
{
car const* cad = “Hola mundo”;
imprimirf(“%c\n”, cad); //%c writes ‘cadenas’, i.e. ‘strings’;
retornar 0;
}
Very spooky, actually!
Thank you very much, that Spanish C really make me laugh.
There was a little Spanish C
A real language it thought it’d be
It wasn’t sharp or incremental
But in all objectivity
Why not a little Spanish C
Hours of laughter for you then: http://en.wikipedia.org/wiki/Non-English-based_programming_language…
🙂
Think about it though: if C had actually been designed this way, it likely wouldn’t have taken all these decades for OSs to support Unicode properly
I wouldn’t want to deal with Finno-Ugric code though…
Edited 2012-11-04 21:09 UTC
Regrettably, ctrl+f of all major and some minor (Sami especially always seems one nice little language & people) Finno-Ugric languages in http://en.wikipedia.org/wiki/Non-English-based_programming_language… didn’t come up with anything. :/
However, you might be even more interested in 丙æ£æ£ (Chinese C++), Farsi.NET, HPL, Dolittle (some Japanese edu language, charming name
…personal note here: Fjölnir name sounds kinda epic), or var’aq (Klingon…)
And that’s even before getting into “Languages based on symbols instead of keywords” or “Modifiable parser syntax” …Klingon Perl? As if Perl alone wasn’t enough?
PS. Generally, quite many French ones, what about that? ;p
And OMZ, GOTO++?! If that’s what I think it is, it could be… brilliant
But seriously, with relative prevalence of Chinese on that list, one might wonder if that’s not a song of things to come in ~computing…
Edited 2012-11-07 22:30 UTC
At some point in the 80s, our government decided that investing in computer science was critical and brought massive amounts of Thomson MO5 and TO7/70 computers to middle schools, together with new programmes that featured programming courses.
Might be a remainder of that era, or just misplaced nationalism.
Object-oriented GOTOs ? How would that work ?
Like, tonal programming languages and 7% less female programmer births per year? Well, sucks…
Edited 2012-11-08 08:27 UTC
Hm, you most likely fared better than my place:
http://en.wikipedia.org/wiki/Mera-Elzab_Meritum
http://en.wikipedia.org/wiki/List_of_ZX_Spectrum_clones#Elwro_800_J… (epic casing ;> )
…and I haven’t even seen either of them, ever. Nor any computer classroom before the PC era. Generally, probably another examples of economic cargo cults (~”developed countries produce lots of steel? Well then let’s do lots of steel!”), quite prevalent in Warsaw Pact economies. The was no educational system to it, no real push.
Exactly, the idea sounds crazy enough!(?) ;>
Only 7% less would be a major improvement, me thinks…
But seriously, I mean generally how the Chinese supposedly strive for technology independence (also check out Loongson) – with their expanding sphere of influence, this should push their tech more and more over time. And language.
PPS. Overall, why specifically not Finno-Ugric?…
Because for some reason which only linguists likely understand, this family of languages looks very different from everything else I have toyed with in at some point in my short life (French, English, German, Arabic, Swedish and Japanese), so learning one of them would likely be especially difficult.
They’re not alone, of course, I’ve heard from Russian learners that it gets be pretty bad too and my short experience with literary Arabic tells me that I probably wouldn’t want an Arabic PL either. It’s just that I had to pick something for the sentence to remain clean.
Edited 2012-11-08 07:42 UTC
I want to create a Scottish dialect of C.
I’ll call it:
Expletive-C.
When computers are finally able to effortlessly process natural language, perhaps we’ll finally see the dawn of the ultimate debugging nightmare: Subjective-C
I hear the Tea Party is thinking of creating it’s own patriotic dialect:
Ohsaycanyou-C
Well… I suppose it’s major benefit will at least be efficiency, running on very economic (cheap…) hardware? Smart dust and such (hopefully without constant quiet hum of expletives?)
Wasn’t Japanese (generally Far East) language moderately related to Finno-Ugric group? (or at least, wasn’t that one of many hypotheses?)
If you think Russian is bad, then Polish would be also “fun” I suppose ;p (and it also has some programming languages, though less than Russian & less serious)
It is an OS that does exactly what it says on the tin.
As always, I would love for someone to write proper items about OpenBSD releases – it’s outside my interests and cursory glances don’t do it justice.
…what are your interests then?
Clearly (based on your articles) you have interests in Microsoft/Windows, Apple/MacOS X, Linux, Google/Android, and BeOS/Haiku. Oh, and software patents… and can’t forget CDE. Which, combined, is seemingly almost everything, right there. But apparently OpenBSD is not in your interests, and I recall reading a semi-recent article where you mentioned your inexperience with Solaris (so I guess there’s another). But based on the fact that you post on a site called “OSNews,” I would expect a broader OS interest.
Not that I’m complaining that you lack interest of OpenBSD or Solaris or whatever else (honestly, while I appreciate OpenBSD I don’t currently have a whole lot of interest in it myself, or any of the BSDs for that matter, and Oracle is enough to turn me away from Solaris). I’m just curious what are your primary interests, since they not only seem varied–but pretty specific too. To be fair, it’s pretty damn hard to both learn and be interested in almost *everything*, but I’m just curious what actually are your primary interests.
Edited 2012-11-04 04:26 UTC
You may wish to qualify that request with “in regard to operating systems” else you will end up with everything from rainbow farting ponies to Left for Dead 2 to Fiona Apple to Hangul.
And that’s just the stuff he tells us about here and on Google+, there’s no telling what else may come out.